PDB path: D:\worknew\kaima\code\LaserServer金橙子v1.3.3(20230221)\Release\LaserServer金橙子.pdb
Static task: static1
Behavioral task: behavioral1, sample 52154a57efce2503a4f9be5b025f03ece60af8507deeb83adbe50140dc16bc79.exe, resource win7-20240221-en
Behavioral task: behavioral2, sample 52154a57efce2503a4f9be5b025f03ece60af8507deeb83adbe50140dc16bc79.exe, resource win10v2004-20240226-en
General
Target: 52154a57efce2503a4f9be5b025f03ece60af8507deeb83adbe50140dc16bc79
Size: 1.9MB
MD5: f6532517cca37c8a67ee6c44c5288097
SHA1: 786b4d530814b85e4f52ea23a327544f61976ecf
SHA256: 52154a57efce2503a4f9be5b025f03ece60af8507deeb83adbe50140dc16bc79
SHA512: a0151898f0274d170fabfcfaf44e17056864fd1a14249eff2d85b339f3b5c9fb76f44921be1ccc88a18f2948386d74f898564a7ad9c869f948bb64df9198ca24
SSDEEP: 49152:3lW8XMnlucn2JhTlPgCbB1GiW7zVsT0Ml7kGncM9WNpkDSpZ+uS:1V6lucn2vlTbqiW7BsT0Ml7k27WNpQSf
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature. Resource: 52154a57efce2503a4f9be5b025f03ece60af8507deeb83adbe50140dc16bc79
This is the only static signature that fired. It reports only that the PE has no certificate table (the IMAGE_DIRECTORY_ENTRY_SECURITY data-directory entry is empty); it says nothing about who built the file. Unsigned binaries are common for in-house and small-vendor tools, so on its own this is weak evidence either way.
Files
-
52154a57efce2503a4f9be5b025f03ece60af8507deeb83adbe50140dc16bc79.exe windows:5 windows x86 arch:x86
7495ccf39557437d28a1dc3b089195f7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Reading: a 32-bit x86 image with ASLR (DYNAMIC_BASE, usable because a .reloc section is present) and DEP (NX_COMPAT) opted in; IMAGE_DLLCHARACTERISTICS_GUARD_CF is absent, so Control Flow Guard is not enabled.
PDB Paths
D:\worknew\kaima\code\LaserServer金橙子v1.3.3(20230221)\Release\LaserServer金橙子.pdb
Imports
kernel32
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
WriteConsoleW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
SetEnvironmentVariableA
TerminateProcess
QueryPerformanceCounter
IsProcessorFeaturePresent
UnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapQueryInformation
SizeofResource
HeapSize
ExitThread
GetFileType
SetStdHandle
HeapReAlloc
RaiseException
RtlUnwind
GetDateFormatW
GetTimeFormatW
ExitProcess
HeapAlloc
HeapFree
CreateDirectoryA
GetSystemTimeAsFileTime
GetFileAttributesA
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
InitializeCriticalSectionAndSpinCount
GetNumberFormatW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetCurrentDirectoryW
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
ReleaseActCtx
CreateActCtxW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CreateEventW
ReleaseMutex
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
InterlockedExchange
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesExW
lstrcmpA
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileW
CreateFileW
lstrcmpiW
GetThreadLocale
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
lstrcmpW
FreeResource
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
FormatMessageW
LocalFree
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
SetLastError
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleW
CloseHandle
CreateThread
GetCurrentThreadId
Sleep
GetModuleFileNameW
GetProcAddress
lstrcpynW
GetLastError
CreateMutexW
GetTickCount
CreateDirectoryW
lstrlenA
WideCharToMultiByte
WinExec
lstrlenW
lstrcatW
MultiByteToWideChar
lstrcpyW
FreeLibrary
LoadLibraryW
GetWindowsDirectoryW
LeaveCriticalSection
EnterCriticalSection
FreeConsole
DeleteCriticalSection
InitializeCriticalSection
AllocConsole
GetLocalTime
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
FindResourceW
LoadResource
LockResource
CreateFileA
user32
RegisterClipboardFormatW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
CopyImage
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
UnregisterClassW
UnpackDDElParam
ReuseDDElParam
LoadImageW
DestroyIcon
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableW
CharNextW
WaitMessage
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
GetAsyncKeyState
NotifyWinEvent
ReleaseCapture
SetCapture
SetWindowRgn
DeleteMenu
RealChildWindowFromPoint
GetSysColorBrush
SetLayeredWindowAttributes
EnumDisplayMonitors
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
OffsetRect
SetRectEmpty
IsZoomed
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
CharUpperW
WindowFromPoint
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
FrameRect
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
CheckDlgButton
SendMessageW
EnableWindow
KillTimer
SetWindowLongW
GetClientRect
IntersectRect
MapVirtualKeyW
GetKeyNameTextW
CopyRect
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
GetWindow
SetFocus
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetFocus
GetDesktopWindow
CharUpperBuffW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
GetWindowRgn
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
DestroyCursor
SubtractRect
MapVirtualKeyExW
GetCapture
IsCharLowerW
MessageBeep
InvalidateRect
SetTimer
GetMessagePos
ScreenToClient
PtInRect
SetCursor
GetSysColor
IsWindow
GetWindowRect
GetParent
GetDC
ReleaseDC
InflateRect
LoadCursorW
CopyIcon
LoadIconW
GetSystemMenu
AppendMenuW
LoadMenuW
PostMessageW
IsIconic
GetSystemMetrics
DrawIcon
FillRect
GetSubMenu
GetCursorPos
SetForegroundWindow
LoadBitmapW
SetMenuItemBitmaps
IsWindowVisible
DrawTextW
RedrawWindow
TabbedTextOutW
DrawTextExW
GrayStringW
DrawStateW
UpdateWindow
GetClassNameW
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
MessageBoxW
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetWindowThreadProcessId
RemoveMenu
PostThreadMessageW
gdi32
CombineRgn
GetMapMode
DPtoLP
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
GetBkColor
GetTextColor
GetRgnBox
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
SetRectRgn
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
SelectObject
GetPixel
CreateDCW
PatBlt
CopyMetaFileW
CreateHatchBrush
GetObjectType
SelectPalette
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Rectangle
GetStockObject
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateSolidBrush
DeleteObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateRectRgn
CreateCompatibleBitmap
SetTextColor
GetDeviceCaps
CreatePen
BitBlt
SetStretchBltMode
CreateCompatibleDC
CreateRectRgnIndirect
GetTextExtentPoint32W
CreateFontIndirectW
GetObjectW
SetViewportOrgEx
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegQueryValueW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegEnumKeyExW
shell32
DragQueryFileW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
Shell_NotifyIconW
SHAppBarMessage
SHGetMalloc
DragFinish
SHGetSpecialFolderLocation
SHGetFileInfoW
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
ole32
CoInitializeEx
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoInitialize
ReleaseStgMedium
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysStringLen
SysAllocStringByteLen
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
ws2_32
gethostbyname
gethostname
accept
listen
bind
ntohs
inet_ntoa
recvfrom
recv
sendto
send
setsockopt
htons
inet_addr
socket
WSACleanup
closesocket
WSAStartup
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
timeGetTime
PlaySoundW
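Two things a practitioner usually does with an import listing like the one above: recompute the import hash (imphash) to pivot on related builds, and separate capability-relevant imports from linker noise. Much of this list is noise in that sense: IsDebuggerPresent, UnhandledExceptionFilter, EncodePointer and the Get*CP/LCMapStringW family are standard MSVC CRT start-up imports, not anti-debugging, and the user32/ole32/oleaut32 set (UnpackDDElParam, OleCreateMenuDescriptor, CreateStdAccessibleObject, GetProfileIntW) is the footprint of statically linked MFC. What remains is a listening socket (ws2_32 bind/listen/accept alongside recvfrom/sendto), program launching (WinExec, ShellExecuteW), registry writes (RegSetValueExW, RegCreateKeyExW) and a message hook (SetWindowsHookExW), consistent with the "LaserServer" name in the PDB path. The Python below is an added example, not code from the sandbox or from the file's author. It implements pefile's imphash algorithm over a constructed excerpt of this listing (SAMPLE_IMPORTS, three DLLs only) plus an assumed capability watchlist (WATCHLIST). Two caveats: the hash of an excerpt is not the sample's imphash, and this report format normally prints the imphash as the 32-hex value beneath the file entry under Files, but the extracted page dropped the label, so treat that reading as an assumption and confirm by running pefile on the binary.

```python
"""Import-table triage for the listing above: recompute an import hash
(imphash) and flag capability-relevant imports.

imphash algorithm as implemented by pefile's get_imphash(): for each import,
'<dll>.<func>' lowercased, with a trailing .dll/.ocx/.sys stripped from the
library name, joined with commas and MD5-hashed.

SAMPLE_IMPORTS is a constructed excerpt of this report's import list (three
DLLs, in the order the report shows them); it is not the full table, so its
hash is NOT the sample's real imphash."""
import hashlib

SAMPLE_IMPORTS = [
    ("ws2_32", ["gethostbyname", "gethostname", "accept", "listen", "bind", "ntohs",
                "inet_ntoa", "recvfrom", "recv", "sendto", "send", "setsockopt",
                "htons", "inet_addr", "socket", "WSACleanup", "closesocket", "WSAStartup"]),
    ("shell32", ["DragQueryFileW", "SHGetDesktopFolder", "ShellExecuteW", "Shell_NotifyIconW"]),
    ("winspool.drv", ["DocumentPropertiesW", "ClosePrinter", "OpenPrinterW"]),
]

# Capability watchlist: assumed triage groupings, not something the report states.
WATCHLIST = {
    "listening socket (server side)": ["bind", "listen", "accept"],
    "launches other programs": ["WinExec", "ShellExecuteW"],
    "registry writes": ["RegSetValueExW", "RegCreateKeyExW", "RegDeleteKeyW"],
    "message hooks": ["SetWindowsHookExW"],
}


def flatten(grouped):
    """(dll, [funcs]) groups -> flat [(dll, func)] list preserving table order."""
    return [(dll, func) for dll, funcs in grouped for func in funcs]


def imphash_string(imports):
    """The comma-joined 'lib.func' string that gets hashed; exposed for inspection."""
    parts = []
    for dll, func in imports:
        lib = dll.lower()
        for ext in (".ocx", ".sys", ".dll"):        # pefile strips only these three
            if lib.endswith(ext):
                lib = lib[:-len(ext)]
                break
        # pefile maps ordinals of well-known DLLs (ws2_32, oleaut32) back to
        # names; anything unresolved becomes 'ordN'.  Simplified here: every
        # integer ordinal becomes 'ordN'.
        name = f"ord{func}" if isinstance(func, int) else func.lower()
        parts.append(f"{lib}.{name}")
    return ",".join(parts)


def imphash(imports):
    """Hex MD5 of imphash_string(); order of imports matters, as in the real hash."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


def capability_notes(imports, watchlist=WATCHLIST):
    """Map each watchlist note to the (sorted) watched imports actually present."""
    present = {func.lower() for _, func in imports if isinstance(func, str)}
    hits = {}
    for note, funcs in watchlist.items():
        found = sorted(f for f in funcs if f.lower() in present)
        if found:
            hits[note] = found
    return hits


if __name__ == "__main__":
    flat = flatten(SAMPLE_IMPORTS)
    print("imphash of excerpt:", imphash(flat))
    for note, found in capability_notes(flat).items():
        print(f"{note}: {', '.join(found)}")
```

Because the hash is order-sensitive, reordering or omitting a single import changes it completely; a mismatch between a hand-recomputed value and the report's therefore means nothing unless the full import directory order is known, which is why the comparison should be done with pefile on the file itself.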
Sections (Size = raw size on disk, Virtual size = mapped size in memory)
Name    Size   Virtual size  Characteristics
.text   1.3MB  1.3MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  307KB  306KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   27KB   97KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   84KB   83KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  172KB  172KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
Reading: no section is both writable and executable, and raw sizes track virtual sizes (the .data gap, 27KB on disk against 97KB in memory, is zero-filled at load). That is the layout of an ordinarily linked binary, not of a packed one, where the code section typically has a small raw size and a much larger virtual size.
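The three static facts this report leans on, the "Unsigned PE" signature, the DLL/File Characteristics and the section table, all come from a few header fields, and it is worth being able to check them without a sandbox. The Python below is an added example, not the sandbox's code: analyze() parses those fields from raw PE bytes (certificate table present or not, opted-in mitigations, any writable-and-executable section), and build_sample_pe() constructs a minimal PE32 stand-in whose header flags and five sections mirror this report so the parser can run offline. The stand-in is not the analysed binary; to check the real file, pass its path on the command line.

```python
"""Static header checks behind the 'Unsigned PE' signature, the DLL/File
Characteristics and the section table above: does the PE carry an Authenticode
certificate table, which mitigations are opted in, and is any section both
writable and executable.

build_sample_pe() constructs a minimal PE32 image in memory whose headers and
section flags mirror this report (x86, DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE,
five sections); it is NOT the analysed binary, just a stand-in so the parser
runs offline.  analyze() works on any PE file's bytes."""
import struct

DLL_FLAGS = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0100: "NX_COMPAT",
             0x0400: "NO_SEH", 0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE"}
FILE_FLAGS = {0x0002: "EXECUTABLE_IMAGE", 0x0100: "32BIT_MACHINE", 0x2000: "DLL"}
SCN_CODE, SCN_IDATA = 0x00000020, 0x00000040
SCN_DISCARD, SCN_EXEC, SCN_READ, SCN_WRITE = 0x02000000, 0x20000000, 0x40000000, 0x80000000
SCN_FLAGS = {SCN_CODE: "CNT_CODE", SCN_IDATA: "CNT_INITIALIZED_DATA",
             SCN_DISCARD: "MEM_DISCARDABLE", SCN_EXEC: "MEM_EXECUTE",
             SCN_READ: "MEM_READ", SCN_WRITE: "MEM_WRITE"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4      # certificate table slot in the data directory
IMAGE_FILE_MACHINE_I386 = 0x14C


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def analyze(pe):
    """Parse headers from raw PE bytes; returns a dict of triage facts."""
    if pe[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", pe, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unexpected optional header magic")
    pe32plus = magic == 0x20B
    dllchars = struct.unpack_from("<H", pe, opt + 70)[0]          # same offset in PE32/PE32+
    n_dirs = struct.unpack_from("<I", pe, opt + (108 if pe32plus else 92))[0]
    dir_base = opt + (112 if pe32plus else 96)
    cert_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For this entry the first field is a FILE offset, not an RVA.
        _, cert_size = struct.unpack_from("<II", pe, dir_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsect):
        hdr = opt + opt_size + 40 * i
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", pe, hdr)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": flag_names(chars, SCN_FLAGS),
                         "wx": bool(chars & SCN_WRITE) and bool(chars & SCN_EXEC)})
    return {
        "machine": machine,
        "pe32plus": pe32plus,
        "file_characteristics": flag_names(fchars, FILE_FLAGS),
        "dll_characteristics": flag_names(dllchars, DLL_FLAGS),
        # Presence of a certificate table only; validity needs WinVerifyTrust/osslsigncode.
        "authenticode_present": cert_size != 0,
        "missing_mitigations": [n for b, n in DLL_FLAGS.items()
                                if n in ("DYNAMIC_BASE", "NX_COMPAT", "GUARD_CF") and not dllchars & b],
        "sections": sections,
        "wx_sections": [s["name"] for s in sections if s["wx"]],
    }


def build_sample_pe(signed=False):
    """Constructed PE32 stand-in mirroring the report's header flags (headers only, no code)."""
    sections = [(b".text", SCN_CODE | SCN_EXEC | SCN_READ),
                (b".rdata", SCN_IDATA | SCN_READ),
                (b".data", SCN_IDATA | SCN_READ | SCN_WRITE),
                (b".rsrc", SCN_IDATA | SCN_READ),
                (b".reloc", SCN_IDATA | SCN_DISCARD | SCN_READ)]
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)                                   # IMAGE_OPTIONAL_HEADER32
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)
    struct.pack_into("<I", opt, 92, 16)                    # NumberOfRvaAndSizes
    if signed:   # fake certificate table entry: file offset + size of a WIN_CERTIFICATE
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n, 0x1000, 0x1000, 0x200, 0, 0, 0, 0, 0, c)
                    for n, c in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    for k, v in analyze(data).items():
        print(f"{k}: {v}")
```

On the stand-in this reports what the page shows: no certificate table, DYNAMIC_BASE and NX_COMPAT set with GUARD_CF missing, and no W+X section. Note that "authenticode_present" is only a presence test, exactly like the sandbox signature; a present but revoked or self-signed certificate still needs a real trust check.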